﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Configuration;
using System.Web;
using System.Web.Security;

namespace Tools
{
    public static class AsynchronousLogin
    {
        public static string GetAsynchronousLoginUrl(string Url, string Permissions)
        {
            if (Url.IndexOf("?") > 0)
            {
                if (Url[Url.Length-1] == '?')
                    Url += "AsynchronousLoginKey=";
                else 
                    Url += "&AsynchronousLoginKey=";
            }
            else
            {
                Url += "?AsynchronousLoginKey=";
            }
            return Url += GetAsynchronousLoginKey(Url, Permissions);
        }

        public static string GetAsynchronousLoginKey(string Url, string Permissions)
        {
            DateTime DT = (DateTime)HttpContext.Current.Session["AsynchronousLoginTime"];
            return FormsAuthentication.HashPasswordForStoringInConfigFile(HttpContext.Current.Session["AsynchronousUserID"] + DT.ToString("yyMMddHHmmss") + Permissions + ConfigurationManager.AppSettings["AsynchronousLoginKey"] + Url.Substring(0, Url.IndexOf("AsynchronousLoginKey")).ToLower(), "MD5");
        }

        public static bool CheckAsynchronousLogin()
        {
            string Key = HttpContext.Current.Request.QueryString["AsynchronousLoginKey"];
            if (Key != null && HttpContext.Current.Session["AsynchronousLoginTime"] != null)
            {
                DateTime DT = (DateTime)HttpContext.Current.Session["AsynchronousLoginTime"];
                string Url = HttpContext.Current.Request.Url.AbsoluteUri;
                if (FormsAuthentication.HashPasswordForStoringInConfigFile(HttpContext.Current.Session["AsynchronousUserID"] + DT.ToString("yyMMddHHmmss") + HttpContext.Current.Request.QueryString["Permissions"] + ConfigurationManager.AppSettings["AsynchronousLoginKey"] + Url.Substring(0, Url.IndexOf("AsynchronousLoginKey")).ToLower(), "MD5") == Key)
                    return true;
            }
            return false;
        }

        public static bool CheckAsynchronousLogin(string SessionID)
        {
            string Key = HttpContext.Current.Request.QueryString["AsynchronousLoginKey"];
            if (Key != null)
            {
                DateTime DT = (DateTime)SessionDictionary.GetSession(SessionID)["AsynchronousLoginTime"];
                string Url = HttpContext.Current.Request.Url.AbsoluteUri;
                if (FormsAuthentication.HashPasswordForStoringInConfigFile(SessionDictionary.GetSession(SessionID)["AsynchronousUserID"] + DT.ToString("yyMMddHHmmss") + HttpContext.Current.Request.QueryString["Permissions"] + ConfigurationManager.AppSettings["AsynchronousLoginKey"] + Url.Substring(0, Url.IndexOf("AsynchronousLoginKey")).ToLower(), "MD5") == Key)
                    return true;
            }
            return false;
        }

        public static void CheckAsynchronousLoginThrow()
        {
            if (!CheckAsynchronousLogin())
                throw new Exception("无法通过系统验证，请遵从正常的流程进行操作或者重新登陆再试。");
        }

        public static void CheckAsynchronousLoginThrow(string SessionID)
        {
            if (!CheckAsynchronousLogin())
                if (!CheckAsynchronousLogin(SessionID))
                    throw new Exception("无法通过系统验证，请遵从正常的流程进行操作或者重新登陆再试。");
        }
    }
}
